claude-code-cli

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt includes explicit examples and instructions that place API keys/OAuth tokens directly into commands and environment variables (e.g., export ANTHROPIC_API_KEY="sk-ant-..." and inline ANTHROPIC_API_KEY="sk-ant-..." claude ...), which requires the LLM to handle or emit secret values verbatim.

MEDIUM W013: Attempt to modify system services in skill instructions.

• Attempt to modify system services in skill instructions detected (high risk: 0.80). The prompt explicitly encourages bypassing permission prompts (--dangerously-skip-permissions), allowing shell/tool access (e.g., Bash, Edit) and recommends curl | bash installation and token transfer, which together enable an agent to execute arbitrary commands and modify system state or exfiltrate credentials.